NTARC Database

Network Traffic Analysis Research Curation

Database

Daniel Ferreira, TU Wien

daniel.ferreira@tuwien.ac.at

Why?

  • Reading papers is time-consuming
  • More research is published each day; it is impossible to read everything
  • No standardized methodologies (in network traffic research)

The NT Analysis Pipeline

Taxonomy

Goals

  • Easy to find unresearched topics
  • Enables another perspective on the research
  • Enables reproducibility
  • Encourages standardization

NTARC Database

What Is It?

A collection of JSON files that include structured and unstructured data

We collect many parameters on what was previously researched

e.g.:

Who has used SVM for anomaly detection, and in which dataset?

Is the size of the packet often used to detect DDoS attacks?

What We Have

  • 71 papers with NTARC.v1
  • > 50 papers with NTARC.v2
  • v1 and v2 have 33 papers in common

v1 is now deprecated, but not all content exists (yet) in v2


Taxonomy

Documentation

https://nta-meta-analysis.readthedocs.io

Viewing the Database

https://github.com/CN-TU/nta-meta-analysis

How Can I Use It?

Which papers do anomaly detection?


with grep (v1)


with grep (v2)

with python (v2)

https://github.com/CN-TU/nta-meta-analysis-library

with python (v2)

or


with python (v2)
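As an added example (not code from the slides and not the project's Python library), a schema-agnostic search over a set of JSON files that answers questions such as "who has used SVM for anomaly detection?" by requiring every term to appear as a value somewhere in the same file. The sample records and their key names are constructed and hypothetical; they are not the NTARC schema, which is described in the documentation linked above.

```python
import json

# Constructed sample records. The key names below are hypothetical and are
# NOT the NTARC schema; see the project documentation for the real fields.
SAMPLE_FILES = {
    "paper_a.json": json.dumps({
        "reference": {"title": "Constructed paper A"},
        "analysis": {"goal": "anomaly_detection",
                     "methods": ["svm", "pca"]},
        "data": {"datasets": [{"name": "constructed-set-1"}]},
    }),
    "paper_b.json": json.dumps({
        "reference": {"title": "Constructed paper B"},
        "analysis": {"goal": "traffic_classification",
                     "methods": ["svm"]},
    }),
    "paper_c.json": "{ not valid json",  # hand-curated files can be malformed
}


def walk(node, path=""):
    """Yield (path, value) for every scalar leaf in a parsed JSON document."""
    if isinstance(node, dict):
        for key, child in node.items():
            yield from walk(child, f"{path}/{key}")
    elif isinstance(node, list):
        for i, child in enumerate(node):
            yield from walk(child, f"{path}/{i}")
    else:
        yield path, node


def find_papers(files, terms):
    """Return ({filename: {term: [paths]}}, skipped) for files matching ALL terms."""
    hits, skipped = {}, []
    for name, text in sorted(files.items()):
        try:
            doc = json.loads(text)
        except json.JSONDecodeError:
            skipped.append(name)  # report unparsable files instead of hiding them
            continue
        # Exact, case-insensitive match on string values only, so a term that
        # merely occurs inside a title or free-text note does not count.
        found = {t: [p for p, v in walk(doc)
                     if isinstance(v, str) and v.lower() == t.lower()]
                 for t in terms}
        if all(found.values()):
            hits[name] = found
    return hits, skipped
```

Unlike a plain grep, the returned paths show which field each term matched in, and files that fail to parse are listed rather than silently skipped.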

What Can It Be Used For?

  • Which methods have already been applied?
  • What datasets are being used?
  • What are the main gaps in the field?
  • Whatever else you can think of…

What Features Are Most Used?

Feature usage

Made with NTARC.v1

Reference: Ferreira, D. C., Vázquez, F. I., Vormayr, G., Bachl, M., & Zseby, T. (2017, August). A meta-analysis approach for feature selection in network traffic research. In Proceedings of the Reproducibility Workshop (pp. 17-20). ACM.

Why Should I Contribute?

By contributing, you will…

  • increase the long-term quality of Network Analysis research
  • quickly learn what is important to read in papers
  • become more critical of research
  • write papers that are easier to comprehend

How Can I Contribute?

  1. Find a paper that deals with traffic analysis at network level (ask us if you need suggestions)
  2. Read the paper
  3. Curate the paper to an NTARC file
  4. Open a pull request on GitHub to add it to the database

Curating a Paper

Editor demo

https://github.com/CN-TU/nta-meta-analysis-editor


Paper blocks

Summary

  • NTARC format
  • Search for papers in the database
  • Adding papers is good for everyone!